CVE-2004-1167

Published: Jan 10, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

mirrorselect before 0.89 creates temporary files in a world-writable location with predictable file names, which allows remote attackers to overwrite arbitrary files via a symlink attack.

Affected (9)

Products: Gentoo: Mirrorselect

Gentoo

1 product

Mirrorselect

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Gentoo Mirrorselect	Version 0.80
Gentoo Mirrorselect	Version 0.81
Gentoo Mirrorselect	Version 0.82
Gentoo Mirrorselect	Version 0.83
Gentoo Mirrorselect	Version 0.84
Gentoo Mirrorselect	Version 0.85
Gentoo Mirrorselect	Version 0.86
Gentoo Mirrorselect	Version 0.87
Gentoo Mirrorselect	Version 0.88

References (6)

http://secunia.com/advisories/13392/

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200412-05.xml

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/18382

Source: cve@mitre.org

http://secunia.com/advisories/13392/

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gentoo.org/security/en/glsa/glsa-200412-05.xml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/18382

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.